Export limit exceeded: 363243 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1648 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters.
CVE-2002-1650 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter.
CVE-2002-1652 1 Mit 1 Cgiemail 2026-04-16 N/A
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.
CVE-2005-0085 4 Htdig, Mandrakesoft, Redhat and 1 more 6 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
CVE-2005-2695 1 Cisco 2 Ciscoworks Management Center For Ids Sensors, Ciscoworks Monitoring Center For Security 2026-04-16 N/A
Unspecified vulnerability in the SSL certificate checking functionality in Cisco CiscoWorks Management Center for IDS Sensors (IDSMC) 2.0 and 2.1, and Monitoring Center for Security (Security Monitor or Secmon) 1.1 through 2.0 and 2.1, allows remote attackers to spoof a Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS).
CVE-2002-1656 1 Xqus 1 X-news 2026-04-16 N/A
X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie.
CVE-2005-0091 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.
CVE-2001-1168 1 Phpmyexplorer 2 Phpmyexplorer Classic, Phpmyexplorer Multiuser 2026-04-16 N/A
Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter.
CVE-2005-0094 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
CVE-2001-1173 1 Masqmail 1 Masqmail 2026-04-16 N/A
Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases.
CVE-2005-0096 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
CVE-2005-2698 1 Nelogic Technologies 1 Nephp Publisher Enterprise 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded keywords parameter.
CVE-2002-1666 1 Oracle 1 E-business Suite 2026-04-16 N/A
Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL.
CVE-2005-0097 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
CVE-2004-1723 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message.
CVE-2004-0731 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field.
CVE-2002-1744 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).
CVE-2002-1746 1 Maxim Krasnyansky 1 Vtun 2026-04-16 N/A
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
CVE-2002-1747 1 Maxim Krasnyansky 1 Vtun 2026-04-16 N/A
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB.
CVE-2002-1748 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.